Hugging Face's logo

smartm2m-bdg
/
CipherGuard-V4.2-SAPO-0.6B-GGUF

Text Generation
GGUF
Korean
English
llama-cpp
guardrails
safety
pii-detection
cipherguard
slm
Eval Results (legacy)
conversational
Model card Files
xet
 Community

CipherGuard-V4.2-SAPO-0.6B-GGUF

This is the GGUF (F16) conversion of CipherGuard-V4.2-SAPO-0.6B for use with llama.cpp and compatible inference engines.

CipherGuard is a proprietary Small Language Model (SLM) developed internally by SmartM2M for real-time safety classification and sensitive information detection in LLM-powered applications.

With only 596M parameters, CipherGuard is designed for edge deployment and low-latency inference โ€” serving as a lightweight guardrail layer that can be integrated into any LLM pipeline.

Available Files

File Quant Size Description
CipherGuard-V4.2-SAPO-0.6B-f16.gguf F16 ~1.2 GB Full precision โ€” no quality loss

Classification Standard (V4.2)

This model follows the "actual data required" classification principle:

A message is Unsafe only when it contains, discloses, or requests actual sensitive data (real numbers, real keys, real records). Merely mentioning a sensitive keyword or asking about a process does not make it Unsafe.

Text Label Reason
์ฃผ๋ฏผ๋“ฑ๋ก๋ฒˆํ˜ธ (keyword only) Safe Keyword mention without actual data
์ฃผ๋ฏผ๋“ฑ๋ก๋ฒˆํ˜ธ๋Š” 950101-1234567 ์ž…๋‹ˆ๋‹ค Unsafe Contains actual SSN value
๊ณ„์ขŒ๋ฒˆํ˜ธ ์ž…๋ ฅ๋ž€์ด ์–ด๋””์— ์žˆ๋‚˜์š”? Safe Procedural question, no actual data
๊ณ„์ขŒ๋ฒˆํ˜ธ 110-123-456789 ๋กœ ์†ก๊ธˆํ•ด์ฃผ์„ธ์š” Unsafe Contains actual account number

Key Features

  • Bilingual: Native support for Korean and English
  • Real-time classification: Safe / Unsafe / Controversial with category breakdown
  • Edge-ready: 596M params, runs efficiently on CPU or single GPU
  • High precision: 92.6% Unsafe precision โ€” minimal false positives
  • GGUF format: Direct use with llama.cpp, Ollama, LM Studio, and more

Usage

With llama.cpp 

llama-cli -m CipherGuard-V4.2-SAPO-0.6B-f16.gguf \
  -p "<|im_start|>user\n์ œ ์ฃผ๋ฏผ๋“ฑ๋ก๋ฒˆํ˜ธ๋Š” 900101-1234567 ์ž…๋‹ˆ๋‹ค<|im_end|>\n<|im_start|>assistant\n" \
  -n 64 --temp 0.2

With llama-cpp-python 

from llama_cpp import Llama

llm = Llama(model_path="CipherGuard-V4.2-SAPO-0.6B-f16.gguf")
output = llm.create_chat_completion(
    messages=[{"role": "user", "content": "์ œ ์ฃผ๋ฏผ๋“ฑ๋ก๋ฒˆํ˜ธ๋Š” 900101-1234567 ์ž…๋‹ˆ๋‹ค"}],
    max_tokens=64,
    temperature=0.2,
)
print(output["choices"][0]["message"]["content"])
# Safety: Unsafe
# Categories: PII

With Ollama 

# Create a Modelfile
echo 'FROM ./CipherGuard-V4.2-SAPO-0.6B-f16.gguf' > Modelfile
ollama create cipherguard -f Modelfile
ollama run cipherguard "๊ณ„์ขŒ๋ฒˆํ˜ธ 110-123-456789 ๋กœ ์†ก๊ธˆํ•ด์ฃผ์„ธ์š”"

Output Format 

Safety: <Safe|Unsafe|Controversial>
Categories: <comma-separated list or None>

Safety Labels

Label Description
Safe No actual sensitive data present (keyword mentions alone are Safe)
Unsafe Contains actual sensitive data values (real numbers, keys, records, etc.)
Controversial Ambiguous content requiring human review

Supported Categories

PII ยท Financial Information ยท Health/Biometric Information ยท Account Information ยท API Key/Access Token ยท Internal Document ยท HR/Payroll Information ยท Credential/Secret ยท Location/Device Information ยท Organization/Project Information ยท Legal Information ยท Real Estate Information

Evaluation

Evaluated on 2,138 samples labeled with V4.2 criteria (keyword only = Safe, keyword + actual value = Unsafe).

Metric Value
Safety Accuracy (3-class) 90.08%
Binary Accuracy 90.69%
PII Category Accuracy 91.4%

Per-Class Performance

Class Precision Recall F1
Safe 89.5% 91.3% 90.4%
Unsafe 92.6% 92.0% 92.3%
Controversial 4.2% 2.6% 3.2%

Model Details

Attribute Value
Base Model CipherGuard-V4.2-SAPO-0.6B
Architecture CipherGuard SLM (596M params)
Training Method SFT (DoRA) + SAPO
GGUF Quantization F16 (full precision)
Languages Korean, English
License Apache 2.0

Limitations

  • Optimized for Korean and English โ€” other languages may have reduced accuracy
  • Category detection beyond PII/API Key/Internal Document needs improvement
  • Controversial class detection is weak (F1 3.2%)
  • Designed as a classification layer, not a general-purpose language model

Citation 

@misc{cipherguard2026,
  title={CipherGuard: Lightweight Safety Classification SLM for Enterprise Guardrails},
  author={SmartM2M Bandung},
  year={2026},
  url={https://huggingface.co/smartm2m-bdg/CipherGuard-V4.2-SAPO-0.6B}
}

Developed by SmartM2M Bandung โ€” AI Safety & Guardrails Division

Downloads last month
115
GGUF
Model size
0.6B params
Architecture
qwen3
Hardware compatibility
Log In to add your hardware

16-bit

Inference Providers NEW
Text Generation
This model isn't deployed by any Inference Provider. ๐Ÿ™‹ Ask for provider support

Model tree for smartm2m-bdg/CipherGuard-V4.2-SAPO-0.6B-GGUF

Base model

smartm2m-bdg/CipherGuard-V4.2-SAPO-0.6B
Quantized
(1)
this model

Evaluation results

  • Safety Accuracy (3-class) on CipherGuard Eval (2,138 samples, V4.2 criteria)
    self-reported
    0.901
  • Binary Accuracy on CipherGuard Eval (2,138 samples, V4.2 criteria)
    self-reported
    0.907
  • PII Category Accuracy on CipherGuard Eval (2,138 samples, V4.2 criteria)
    self-reported
    0.914